CLAIMS 



1. A method in a switch for controlling access to a network, the method 
comprising: 

for each node connected to the switch, receiving from a network manager 
addresses to which the node is authorized to transmit a 
communication; 

receiving a communication from a node, the communication having a 

destination address; 
determining based on the received addresses whether the node that 

transmitted the communication is authorized to transmit a 

communication to the destination address; and 
when it is determined that the node is not authorized, suppressing the 

transmitting of the received communication through the network. 

2. The method of claim 1 wherein the address is a virtual address. 

3. The method of claim 1 wherein the switch has multiple ports, wherein each 
port is connected to a node, and wherein each port has access to the received 
addresses to which the connected-to node is authorized to transmit a 
communication. 

4. The method of claim 1 including storing the received addresses in a label 
table associated with a port of the switch that is connected to the node. 

5. The method of claim 1 including notifying the network manager that the 
node is not authorized to transmit received communications. 
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[c6] 6. The method of claim 1 including indicating that the node is no longer 
authorized to transmit any communication. 

[c7] 7. The method of claim 6 wherein received addresses are stored in 
association with the node and the indicating includes removing the association of 
an address with the node. 

[c8] 8. The method of claim 6 wherein the indicating that the node is no longer 
authorized to transmit to the address occurs in response to an indication from the 
network manager that the node is no longer authorized to transmit to the address. 

[c9] 9. The method of claim 6 wherein the indicating that the node is no longer 
authorized to transmit to the address occurs in response to expiration of a timeout 
period. 

[do] 10. The method of claim 6 wherein the indicating that the node is no longer 
authorized to transmit to the address occurs in response to detecting a condition 
in a physical layer of a link to between the switch and the node. 

[en] 11. The method of claim 1 wherein an address is received from the network 
manager during registration of the node. 

[ci2] 12. The method of claim 1 including when it is determined that the node is 
authorized, transmitting the received communication to the destination address. 

[d3] 13. The method of claim 1 wherein the receiving includes receiving a filter 
parameter that indicates valid data of a communication from the node. 

[d4] 14. The method of claim 13 including when the received communication does 
not satisfy a filter parameter, discarding the received communication. 
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[c15] 15. The method of claim 14 wherein the filter parameter is priority. 

[ci6] 16. The method of claim 14 wherein the filter parameter is class of service. 

[d7] 17. A method in a routing device for controlling access to a network, the 
method comprising: 

receiving a filter for a node, the filter indicating a valid parameter for a 

communication transmitted by the node through the network; 
receiving a communication from the node, the communication having a 
parameter; 

determining whether the parameter of the received communication is valid 

based on the received filter; and 
when it is determined that parameter of the received communication is not 

valid, suppressing the transmitting of the received communication. 

[d8] 18. The method of claim 17 wherein the parameter is a virtual address and the 
filter indicates one or more virtual addresses that can be validly used in a 
communication transmitted by the node. 

[d9] 19. The method of claim 17 wherein the parameter relates to priority of a 
communication and the filter indicates a priority that can be validly used in a 
communication transmitted by the node. 

[c20] 20. The method of claim 1 7 wherein the parameter relates to class of service of 
a communication and the filter indicates a class of service that can be validly used 
in a communication transmitted by the node. 

[c2i] 21. The method of claim 17 wherein the routing device has multiple ports, 
wherein each port is connected to a node, and wherein each port has access to a 
received filter for the connected-to node. 

03004-8042/8042 app.doc] -37- 10/24/01 



3 



[c22] 22. The method of claim 17 wherein the received filter is associated with a 
destination address assigned to the node and wherein the filter is applied to 
communications transmitted by the node that have that destination address. 

[c23] 23. The method of claim 17 including notifying a network manager when the 
transmitting of a communication is suppressed. 

[c24] 24. The method of claim 17 wherein the filter is received from a network 
manager. 

[c25] 25. The method of claim 17 wherein the filter is received from the network 
manager based on registration of the node. 

[c26] 26. The method of claim 1 7 wherein the routing device is a switch. 



H [c27] 27. The method of claim 17 wherein the routing device is Fibre Channel 
compatible. 



[c28] 28. The method of claim 17 wherein the routing device is InfiniBand 
compatible. 

[c29] 29. A routing device for controlling access to a network, comprising: 

a component having a filter for a node, the filter indicating valid parameters 

for communications transmitted by the node through the network; 
a component that receives communications from the node, the 

communications having parameters; 
a component that applies the filter to the communications to determining 

whether the parameters of the received communications are valid; 

and 
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a component that discards a received communication when it is determined 
that a parameter of the received communication is not valid. 



[c30] 30. The routing device of claim 29 wherein a parameter is a virtual address 
and the filter indicates one or more virtual addresses that can be validly used in a 
communication transmitted by the node. 

[c3i] 31. The routing device of claim 29 wherein a parameter relates to priority of a 
communication and the filter indicates a priority that can be validly used in a 
communication transmitted by the node. 

Hi [c32] 32. The routing device of claim 29 wherein a parameter relates to class of 
;P service of a communication and the filter indicates a class of service that can be 

Qi validly used in a communication transmitted by the node. 

[c33] 33. The routing device of claim 29 wherein the routing device has multiple 
HI ports connected to nodes and wherein each port has access to a filter for the 

□ connected-to node. 

[c34] 34. The routing device of claim 29 wherein the filter is associated with a 
destination address assigned to the node and wherein the filter is applied to 
communications transmitted by the node that have that destination address. 

[c35] 35. The routing device of claim 29 including notifying a network manager when 
a communication is discarded. 

[c36] 36. The routing device of claim 29 wherein the filter is received from a network 
manager. 
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[c37] 37. The routing device of claim 36 wherein the filter is received from the 
network manager during registration of the node. 

[c38] 38. The routing device of claim 29 including a component that indicates that 
the node is not allowed to transmit any communications when it is determined that 
the parameter of a received communication is not valid. 

[c39] 39. The routing device of claim 29 including when it is determined that the 
parameter of the received communication is not valid, indicating that the node is 
not allowed to transmit communications to a destination address associated with 
u the received communication. 

hP [c40] 40. The routing device of claim 29 including a component that transmits a 

Jo 

U received communication when it is determined that the parameters of the received 

1~ communication are valid. 



[o4i] 41. The routing device of claim 29 including a component that modifies the 
filter so that the modified filter is applied to subsequent communications received 
from the node. 

[c42] 42. The routing device of claim 29 wherein the routing device is a switch. 

[o43] 43. The routing device of claim 29 wherein the routing device is Fibre Channel 
compatible. 

[o44] 44. The routing device of claim 29 wherein the routing device is InfiniBand 
compatible. 

[c45] 45. A routing device for controlling access to a network, comprising: 
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means for applying a filter to communications received from a node to 
determining whether parameters of the communications are valid; 
and 

means for discarding a communication when it is determined that a 
parameter of the communication is not valid. 

[o46] 46. The routing device of claim 45 wherein a parameter is a virtual address 
and the filter indicates one or more virtual addresses that can be validly used in a 
communication transmitted by the node. 

[o47] 47. The routing device of claim 45 wherein a parameter relates to priority of a 
communication and the filter indicates a priority that can be validly used in a 
communication transmitted by the node. 

[c48] 48. The routing device of claim 45 wherein a parameter relates to class of 
service of a communication and the filter indicates a class of service that can be 
validly used in a communication transmitted by the node. 

[c49] 49. The routing device of claim 45 wherein the routing device has multiple 
ports connected to nodes and wherein each port has access to a filter for the 
connected-to node. 

[c50] 50. The routing device of claim 45 wherein the filter is associated with a 
destination address assigned to the node and wherein the means for applying the 
filter applies it to communications transmitted by the node that have that 
destination address. 

[c5i] 51. The routing device of claim 45 including a component that transmits a 
received communication when it is determined that the parameters of the received 
communication are valid. 
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[c52] 52. The routing device of claim 45 wherein the routing device is a switch. 

[c53] 53. The routing device of claim 45 wherein the routing device is Fibre Channel 
compatible. 

[c54] 54. The routing device of claim 45 wherein the routing device is InfiniBand 
compatible. 

[c55] 55. The routing device of claim 45 includes means for receiving a filter from a 
network manager. 



0 [c56] 56. The routing device of claim 56 wherein the filter is received during 

1 registration of the node. 
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